About Our Technical and Procedural Safeguards


To ensure our data is safeguarded, we deploy a "defense in depth" approach from the physical to the network and system layers utilizing best of breed security tools, technologies and security best practices that meet or exceed NIST 800.53 rev3 (National Institute of Standards and Technology) requirements.

We start with a "hardened" datacenter

  • 15,000 Secure Cloud Server Capacity

  • Diverse fiber entry and intra-building fiber

  • Complete 2N electrical infrastructure

  • Four 2,000 kw Diesel Generators

  • 72+ hours fuel supply onsite with priority refueling status

  • N+1 Centrifugal Chiller Cooling

  • VESDA (Very Early Smoke Detection Apparatus) throughout

  • FM-200 Fire Suppression System

  • Dry-pipe pre-action sprinkler system

  • We Control and Monitor 32,000 points in the facility

"Physical Layer" Safeguards

At the physical layer our system is hosted in a hardened bunker style SAS70 II certified data center that is N+1 compliant on all critical infrastructure (Electrical and HVAC) with temperature and humidity controls.

  • The data center is staffed 24x7 by security and only authorized personnel are granted access into the facility.

  • Visitors into the facility must be escorted at all times by authorized personnel.

  • All secure access points required card key and/or biometric to access.

  • Our systems are hosted in a locked, roof-enclosed wire mesh cage that is monitored 24x7 via datacenter staff and sytem security management staff via CCTV.

"Network Layer" Safeguards

At the network layer we protect our systems from malicious and known attacks such XSS, SQL injections and DDoS attacks by deploying the following network security tools:

  • Redundant stateful inspection Firewalls

  • Multiple DDoS mitigation devices

  • Multiple WAFs (Web Application Firewalls) to prevent XSS, SQL Injections and thousands of malicious requests and attacks.

  • Network IDS

  • Complete customer-to-customer isolation

  • Managed system-level backups

  • Web application scanning

  • SSL Encrypted VPN

"System Layer" Safeguards

We have eployed the following security products and methodologies to our systems and protect against unauthorized, malicious and known attacks such as unauthorized access, trojans and malware infections.

  • Antivirus protection

  • MS SQL Encryption

  • Fully hardened server images customized per server role

  • Managed operation system security updates

  • 2 Factor Authentication for remote access

  • All systems are monitored 24x7x365 by onsite operations personnel

"Operational and Management Layer" Safeguards

There are documented policy and procedures in place and a secure support communications portal to ensure secure and efficient operational administration of resources that support TheOneFile:

  • Documented policy and procedures

  • Separation of duties enforced

  • "Least privileges" enforced

  • Change Management procedures

  • Patch management policy

  • Incident Response policy

  • Sensitive Media Handling policy

  • Syslog Server (Audit logging)

  • Secure Account Management Portal

  • Ticketing System